How to remove “Fragtor.104905”?

Fragtor.104905 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Fragtor.104905 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Dynamic (imported) function loading detected
  • Network anomalies occurred during the analysis
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • A ping command was executed with the -n argument possibly to delay analysis
  • Uses Windows utilities for basic functionality
  • Created a process from a suspicious location
  • Uses suspicious command line tools or Windows utilities

How to identify Fragtor.104905?


File Info:

name: 3430071E38D9E048B306.mlw
path: /opt/CAPEv2/storage/binaries/23d7a9f4dedca8504fe3f87dd23c128a033b9bc4f23a2c471ce4c25b525f073a
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2020-12-13 23:46:04

Version Info:

0: [No Data]

Fragtor.104905 also known as:

MicroWorld-eScan: Gen:Variant.Fragtor.104905
FireEye: Generic.mg.3430071e38d9e048
ALYac: Gen:Variant.Fragtor.104905
Cylance: Unsafe
K7AntiVirus: Password-Stealer ( 005937271 )
K7GW: Password-Stealer ( 005937271 )
Cybereason: malicious.e38d9e
Cyren: W32/Agent.ENB.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/PSW.Agent.OOO
APEX: Malicious
ClamAV: Win.Malware.Fugrafa-9950512-0
Kaspersky: HEUR:Trojan.Win32.SelfDel.vho
BitDefender: Gen:Variant.Fragtor.104905
NANO-Antivirus: Trojan.Win32.SelfDel.jpepdv
Avast: Win32:Malware-gen
Tencent: Trojan.Win32.Selfdel.xb
Ad-Aware: Gen:Variant.Fragtor.104905
TACHYON: Trojan/W32.Fugrafa.26112
Sophos: Troj/PWS-CMJ
DrWeb: Trojan.MulDrop20.10627
Zillya: Trojan.SelfDel.Win32.65008
McAfee-GW-Edition: GenericRXNV-VM!3430071E38D9
Emsisoft: Gen:Variant.Fragtor.104905 (B)
GData: Gen:Variant.Fragtor.104905
Jiangmin: Trojan.Selfdel.rft
Avira: HEUR/AGEN.1234650
Microsoft: TrojanDownloader:Win32/Emotet!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Reputation.R496203
Acronis: suspicious
McAfee: GenericRXNV-VM!3430071E38D9
MAX: malware (ai score=86)
VBA32: BScope.Trojan.Occamy
Malwarebytes: Malware.AI.2397151589
Rising: Trojan.PSW!1.DE3E (CLASSIC)
Ikarus: Trojan.DelFiles
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/SelfDef.26C0!tr
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen

How to remove Fragtor.104905?

Fragtor.104905 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
